A. Field of Invention
The present invention relates to computer memory devices and, more specifically, to mechanisms for controlling user access to the memory devices.
B. Description of Related Art
There are many situations where it is desirable to allow certain users to read data from a non-volatile long-term memory storage device, such as a hard drive, but not allow any data to be written to the device and to allow certain users both to read and write data to the same long-term memory storage device. Internet web sites are hosted on long-term memory storage devices. Generally these sites encourage the general public to read data and prohibit them from writing data and thereby changing the site. The owners of these types of sites have a legitimate need to occasionally change/update the site. For example they may add a new product, change a price, and/or removing an old product.
Our previous invention Ser. No. 09/961,417 is able to adequately protect such a site from unwanted changes. However changing/updating the site requires the long-term memory storage device to be physically unplugged from our device. This involves a risk to the storage device (which is discussed in Ser. No. 09/961,417) and a trained user to have physical access to the long-term memory storage device. In addition, the site must be down while the upgrade is being performed. This is clearly unnecessarily burdensome.
Our previous invention Ser. No. 09/961,417 is able to selectively allow access to just a portion of a long-term memory storage device. There are situations, such as company Intranets, where different divisions within the company share the same long-term memory storage device. It is often desired that each division have access only to data relating to its own division, whereas corporate have access to all data. Our previous invention would not be able to accomplish this. However, our current invention does. For example; Division A may access the long-term memory device (205) through Host Port 1 (1011). The blocking device (203) is set to only allow Host Port 1 access to blocks aaaa-bbbb. In a similar fashion Division B accesses the drive (205) through Host Port 2 and is allowed access to blocks cccc-dddd. Corporate is allowed access to all data and accesses the drive (205) through Host Port n, where it is allowed full access.
Our previous invention Ser. No. 09/961,417 has only one Drive Interface Emulator (320). This could be any type of interface, such as IDE, FireWire, or USB, but each device just has one type. This device would acquire an obvious additional flexibility by having multiple types of interfaces, which our current invention allows.